Merged
1 change: 1 addition & 0 deletions calm-ai/CALM.chatmode.md
Expand Up @@ -46,6 +46,7 @@ On your first prompt in each session, you MUST:
- `.github/chatmodes/calm-prompts/flow-creation.md`
- `.github/chatmodes/calm-prompts/pattern-creation.md`
- `.github/chatmodes/calm-prompts/documentation-creation.md`
- `.github/chatmodes/calm-prompts/standards-creation.md`

3. After reading the prompts, confirm you're ready to assist with CALM architectures.

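Review bot: The added entry `.github/chatmodes/calm-prompts/standards-creation.md` joins the list the assistant MUST read on its first prompt, so the file has to exist at that path wherever this chatmode is installed. Please confirm that `standards-creation.md` is added in this change and that whatever places the other calm-prompts files under `.github/chatmodes/calm-prompts/` also picks it up; otherwise the first-prompt step points at a prompt that is not there.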
1 change: 1 addition & 0 deletions calm-ai/README.md
Expand Up @@ -19,6 +19,7 @@ The CALM AI tools provide specialized prompts and guidance for AI assistants to
- `node-creation.md` - Guide for creating nodes with proper validation
- `pattern-creation.md` - Guide for reusable architectural patterns
- `relationship-creation.md` - Guide for creating relationships between nodes
- `standards-creation.md` - Guide for creating JSON Schema Standards that extend CALM components with organizational requirements

## Usage

60 changes: 60 additions & 0 deletions calm-ai/tools/control-creation.md
Expand Up @@ -64,6 +64,50 @@ The complete control schema from the FINOS CALM v1.0 specification:

Controls in CALM represent compliance policies, governance rules, and enforcement mechanisms applied to architecture elements.

## Standards Integration

**Most controls in CALM use Standards to define their requirements and specifications.** This creates points of consistency across a given domain and enables reusable control patterns.

### How Controls Use Standards

Controls work with Standards in the following way:

1. **Requirement Files**: The `requirement-url` points to a requirement.json file that defines what the control expects
2. **Configuration Files**: The `config-url` points to a configuration.json file that provides the actual configuration data
3. **Standards as Base Schemas**: Requirements may optionally use Standards as their base JSON schema to ensure consistency

**Example - NIST Control with Standard-based Requirement**:

```json
{
"nist-access-control": {
"description": "NIST 800-53 Access Control requirements for system authentication",
"requirements": [
{
"requirement-url": "https://requirements.company.com/nist-ac2-requirement.json",
"config": {
"documentNumber": "NIST SP 800-53",
"title": "Security and Privacy Controls for Federal Information Systems",
"status": "Final",
"seriesName": "Special Publication",
"controlFamily": "AC - Access Control",
"controlId": "AC-2"
}
}
]
}
}
```

In this example, the `requirement-url` points to a requirement.json file. That requirement file may optionally use a NIST Document Standard as its JSON schema base to ensure all NIST controls follow consistent structure.

### Benefits of Standards with Controls

- **Consistency**: All requirement files using the same Standard follow identical structure
- **Validation**: Standards provide automatic schema validation for requirement file structure
- **Reusability**: Standards can be shared across multiple requirement files and organizations
- **Compliance**: Industry frameworks like NIST, ISO 27001, SOC 2 can be modeled as Standards for requirement files

## Where Controls Can Be Applied

Controls can be applied at multiple levels within a CALM architecture:
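Review bot: In the new "How Controls Use Standards" list, item 2 describes `config-url` pointing to a configuration.json file, but the NIST example that follows uses an inline `config` object and never shows `config-url`. Either mention inline `config` as the alternative in item 2 or add a `config-url` variant of the example, so the section lines up with the "Each requirement MUST have exactly ONE of" rule later in this file. Separately, the opening sentence says most controls use Standards, while item 3 and the paragraph after the example say requirements "may optionally" use them; pick one framing.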
Expand Down Expand Up @@ -331,3 +375,19 @@ Each requirement MUST have exactly ONE of:
- Structure requirements to be independently verifiable
- Document the relationship between requirement schemas and configurations
- Regular review and updates for compliance changes

## Cross-References

- **Standards Creation**: See standards creation tool for creating requirement Standards that controls reference
- **Node Creation**: Understand how controls are applied to individual nodes
- **Flow Creation**: Learn how controls work with business processes and flows
- **Architecture Creation**: See how controls are structured at the architecture document level
- **Pattern Creation**: Use controls in reusable architectural patterns

## Key Reminders

- Most controls reference requirement files that may use Standards as their base schemas
- Controls can be applied at architecture, node, and flow levels
- Each control must have both description and requirements properties
- Use Standards for consistency in requirement files across compliance frameworks like NIST, ISO 27001, SOC 2
- Reference the standards creation tool when creating base schemas for requirement files
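Review bot: The Cross-References entries name the other tools only in prose ("See standards creation tool") with no file name or link, so a reader or an assistant loading this prompt cannot resolve them. Consider naming the files the way the README does, e.g. `standards-creation.md`, `node-creation.md`, `pattern-creation.md`. The first and last Key Reminders bullets also restate the Standards Integration section added earlier in this file; trimming them would keep the prompt shorter.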